Re: Information disclosure vulnerability in Drupal's Realname- User Reference Widget contributed module (version 6.x-1.0)

From: mori@diasporan.net
To: bugtraq@securityfocus.com
Cc:
Subject: Re: Information disclosure vulnerability in Drupal's Realname- User Reference Widget contributed module (version 6.x-1.0)
Date:


We have determined that Realname module and Realname userreference module do not share information that should be hidden. After all, both account->name and realname fields are _intended_ for display. Therefore this is not considered a vulnerability.

Mori Sugimoto (http://drupal.org/user/82971 )
Drupal Security Team Coordinator





Copyright © 1995-2020 LinuxRocket.net. All rights reserved.